Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

utils/tar: fix validation for tar without directory or extensions #11474

Merged
merged 1 commit into from Jun 2, 2021
Merged

utils/tar: fix validation for tar without directory or extensions #11474

merged 1 commit into from Jun 2, 2021

Conversation

cho-m
Copy link
Member

@cho-m cho-m commented May 31, 2021

  • Have you followed the guidelines in our Contributing document?
  • Have you checked to ensure there aren't other open Pull Requests for the same change?
  • Have you added an explanation of what your changes do and why you'd like us to include them?
  • Have you written new tests for your changes? Here's an example.
  • Have you successfully run brew style with your changes locally?
  • Have you successfully run brew typecheck with your changes locally?
  • Have you successfully run brew tests with your changes locally?

While running brew bump-cask-pr ... I have seen a tar validation issue a few times.
For example:

==> Verifying checksum for 'f4a5f395b90a4e7a31973a859427284a3c6bec550dbc480a3c588bb68d3dd978--helix-core-server.tgz'
Warning: Cannot verify integrity of 'f4a5f395b90a4e7a31973a859427284a3c6bec550dbc480a3c588bb68d3dd978--helix-core-server.tgz'.
No checksum was provided for this resource.
For your reference, the checksum is:
  sha256 "9a1f528f92568531785b1f125e60a48e84b1a958f9e1d74dfc6e61c060e08721"
Error: /Users/cho-m/Library/Caches/Homebrew/downloads/f4a5f395b90a4e7a31973a859427284a3c6bec550dbc480a3c588bb68d3dd978--helix-core-server.tgz is not a valid tar file!

The problem seems to be that the validation of tar file depends on regex /.*\., which means that a directory must exist and at least one file must have an extension.

This shouldn't be a restriction on validity of tar file.

I decided to use logic similar to unpack:

brew/Library/Homebrew/unpack_strategy/tar.rb

Lines 32 to 34 in 5115cc2

# Check if `tar` can list the contents, then it can also extract it.
stdout, _, status = system_command("tar", args: ["--list", "--file", path], print_stderr: false)
status.success? && !stdout.empty?

@BrewTestBot
Copy link
Member

Review period will end on 2021-06-01 at 19:54:04 UTC.

@BrewTestBot BrewTestBot added the waiting for feedback Merging is blocked until sufficient time has passed for review label May 31, 2021
MikeMcQuaid
MikeMcQuaid reviewed Jun 1, 2021
View reviewed changes
Copy link
Member

@MikeMcQuaid MikeMcQuaid left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One suggested tweak but: nice work here!

Library/Homebrew/utils/tar.rb Outdated

odie "#{path} is not a valid tar file!"
stdout, _, status = system_command(executable, args: ["--list", "--file", path], print_stderr: false)
odie "#{path} is not a valid tar file!" if !status.success? || stdout.empty?
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
odie "#{path} is not a valid tar file!" if !status.success? || stdout.empty?
odie "#{path} is not a valid tar file!" if !status.success? || stdout.blank?

@BrewTestBot
Copy link
Member

Review period ended.

@BrewTestBot BrewTestBot removed the waiting for feedback Merging is blocked until sufficient time has passed for review label Jun 1, 2021
@MikeMcQuaid
Copy link
Member

Thanks again @cho-m!

@MikeMcQuaid MikeMcQuaid merged commit aa937b9 into Homebrew:master Jun 2, 2021
@cho-m cho-m deleted the fix-tar-validation branch June 2, 2021 16:27
@github-actions github-actions bot added the outdated PR was locked due to age label Jul 3, 2021
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jul 3, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@MikeMcQuaid MikeMcQuaid MikeMcQuaid approved these changes

@BrewTestBot BrewTestBot BrewTestBot approved these changes

Assignees
No one assigned
Labels
outdated PR was locked due to age
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@cho-m @BrewTestBot @MikeMcQuaid